General
-
Target
2024-03-28_df5f16a2dfa6688cea45dc22cbe669ca_karagany_mafia
-
Size
250KB
-
Sample
240328-kzhytsha2t
-
MD5
df5f16a2dfa6688cea45dc22cbe669ca
-
SHA1
f4af36b029369e4f84c8887df28a0b88636c1492
-
SHA256
abcc491345f032a6f691f881a671c08ab6e9556ed6d2063c7d92182ef43badbf
-
SHA512
0888e954deb1d5bb49bbdfcd47b313666fee54fd22de40dd2f1c4cabf059426c0aa8207596e338c3df92f0befb56a48accf494ffac63e57180c6b2adb481b4f8
-
SSDEEP
6144:s+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:EOCjaklYgVIpxIhDtR
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_df5f16a2dfa6688cea45dc22cbe669ca_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_df5f16a2dfa6688cea45dc22cbe669ca_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-28_df5f16a2dfa6688cea45dc22cbe669ca_karagany_mafia
-
Size
250KB
-
MD5
df5f16a2dfa6688cea45dc22cbe669ca
-
SHA1
f4af36b029369e4f84c8887df28a0b88636c1492
-
SHA256
abcc491345f032a6f691f881a671c08ab6e9556ed6d2063c7d92182ef43badbf
-
SHA512
0888e954deb1d5bb49bbdfcd47b313666fee54fd22de40dd2f1c4cabf059426c0aa8207596e338c3df92f0befb56a48accf494ffac63e57180c6b2adb481b4f8
-
SSDEEP
6144:s+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:EOCjaklYgVIpxIhDtR
Score10/10-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-